cygwin.com/git/newlib-cygwin.git
author Corinna Vinschen <corinna@vinschen.de> 2014-02-09 23:44:56 +0400
committer Corinna Vinschen <corinna@vinschen.de> 2014-02-09 23:44:56 +0400
commit 1ca20a1cd208e95f5e38ed8b8bcc6a2dad376228
tree 0c90ef25cc428eed933d882d3d73c333a42c6319 /winsup/cygwin/pwdgrp.h
parent 01fc6f8d21299ef8e196d2155cd35973d08f398e
Introduce reading passwd/group entries from SAM/AD. Introduce /etc/nsswitch.conf file to configure it.

* Makefile.in (DLL_OFILES): Add ldap.o.
* autoload.cc: Import ldap functions from wldap32.dll.
  (DsEnumerateDomainTrustsW): Import.
  (NetGroupGetInfo): Import.
* cygheap.h (class cygheap_domain_info): New class to keep global domain info.
  (class cygheap_pwdgrp): New class to keep passwd/group caches and configuration info from /etc/nsswitch.conf.
  (struct init_cygheap): Add cygheap_domain_info member "dom" and cygheap_pwdgrp member "pg".
* cygtls.h (struct _local_storage): Remove unused member "res". Rearrange slightly. Add members pwbuf and grbuf to implement non-caching passwd/group fetching from SAM/AD. Make pw_pos and pw_pos unsigned.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Add RFC 2307 uid/gid mapping.
* fhandler_process.cc: Drop including pwdgrp.h.
* fhandler_procsysvipc.cc: Ditto.
* fhandler_registry.cc (fhandler_registry::fstat): Set key uid/gid to ILLEGAL_UID/ILLEGAL_GID rather than UNKNOWN_UID/UNKNOWN_GID.
* grp.cc (group_buf): Drop.
  (gr): Drop.
  (pwdgrp::parse_group): Fill pg_grp.
  (pwdgrp::read_group): Remove.
  (pwdgrp::init_grp): New method.
  (pwdgrp::prep_tls_grbuf): New method.
  (pwdgrp::find_group): New methods.
  (internal_getgrsid): Convert to call new pwdgrp methods.
  (internal_getgrnam): Ditto.
  (internal_getgrgid): Ditto.
  (getgrgid_r): Drop 2nd parameter from internal_getgrgid call.
  (getgrgid32): Ditto.
  (getgrnam_r): Ditto for internal_getgrnam.
  (getgrnam32): Ditto.
  (getgrent32): Convert to call new pwdgrp methods.
  (internal_getgrent): Remove.
  (internal_getgroups): Simplify, especially drop calls to internal_getgrent.
* ldap.cc: New file implementing cyg_ldap class for LDAP access to AD and RFC 2307 server.
* ldap.h: New header, declaring cyg_ldap class.
* passwd.cc (passwd_buf): Drop.
  (pr): Drop.
  (pwdgrp::parse_passwd): Fill pg_pwd.
  (pwdgrp::read_passwd): Remove.
  (pwdgrp::init_pwd): New method.
  (pwdgrp::prep_tls_pwbuf): New method.
  (find_user): New methods.
  (internal_getpwsid): Convert to call new pwdgrp methods.
  (internal_getpwnam): Ditto.
  (internal_getpwuid): Ditto.
  (getpwuid32): Drop 2nd parameter from internal_getpwuid call.
  (getpwuid_r): Ditto.
  (getpwnam): Ditto for internal_getpwnam.
  (getpwnam_r): Ditto.
  (getpwent): Convert to call new pwdgrp methods.
* path.cc (class etc): Remove all methods.
* path.h (class etc): Drop.
* pinfo.cc (pinfo_basic::pinfo_basic): Set gid to ILLEGAL_GID rather than UNKNOWN_GID.
  (pinfo_init): Ditto.
* pwdgrp.h (internal_getpwnam): Drop 2nd parameter from declaration.
  (internal_getpwuid): Ditto.
  (internal_getgrgid): Ditto.
  (internal_getgrnam): Ditto.
  (internal_getgrent): Drop declaration.
  (enum fetch_user_arg_type_t): New type.
  (struct fetch_user_arg_t): New type.
  (struct pg_pwd): New type.
  (struct pg_grp): New type.
  (class pwdgrp): Rework to provide functions for file and db requests and caching.
  (class ugid_cache_t): New class to provide RFC 2307 uid map caching.
  (ugid_cache): Declare.
* sec_acl.cc: Drop including pwdgrp.h.
* sec_auth.cc: Drop including dsgetdc.h and pwdgrp.h.
  (get_logon_server): Convert third parameter to ULONG flags argument to allow arbitrary flags values in DsGetDcNameW call and change calls to this function throughout. Use cached account domain name rather than calling GetComputerNameW.
  (get_unix_group_sidlist): Remove.
  (get_server_groups): Drop call to get_unix_group_sidlist.
  (verify_token): Rework token group check without calling internal_getgrent.
* sec_helper.cc (cygpsid::pstring): New methods, like string() but return pointer to end of string.
  (cygsid::getfromstr): Add wide character implementation.
  (get_sids_info): Add RFC 2307 uid/gid mapping for Samba shares.
* security.cc: Drop including pwdgrp.h.
* security.h (DEFAULT_UID): Remove.
  (UNKNOWN_UID): Remove.
  (UNKNOWN_GID): Remove.
  (uinfo_init): Move here from winsup.h.
  (ILLEGAL_UID): Ditto.
  (ILLEGAL_GID): Ditto.
  (UNIX_POSIX_OFFSET): Define. Add lengthy comment.
  (UNIX_POSIX_MASK): Ditto.
  (MAP_UNIX_TO_CYGWIN_ID): Ditto.
  (ILLEGAL_UID16): Move here from winsup.h.
  (ILLEGAL_GID16): Ditto.
  (uid16touid32): Ditto.
  (gid16togid32): Ditto.
  (sid_id_auth): New convenience macro for SID component access.
  (sid_sub_auth_count): Ditto.
  (sid_sub_auth): Ditto.
  (sid_sub_auth_rid): Ditto.
  (cygpsid::pstring): Declare.
  (cygsid::getfromstr): Declare wide character variant.
  (cygsid::operator=): Ditto.
  (cygsid::operator*=): Ditto.
  (get_logon_server): Change declaration according to source code.
* setlsapwd.cc (setlsapwd): Drop 2nd parameter from internal_getpwnam call.
* shared.cc (memory_init): Call cygheap->pg.init in first process.
* syscalls.cc: Drop including pwdgrp.h.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Ditto.
* uinfo.cc (internal_getlogin): Drop gratuitous internal_getpwuid call. Fix debug output. Overwrite user gid in border case of a missing passwd file while a group file exists.
  (pwdgrp::add_line): Allocate memory on cygheap.
  (pwdgrp::load): Remove.
  (ugid_cache): Define.
  (cygheap_pwdgrp::init): New method.
  (cygheap_pwdgrp::nss_init_line): New method.
  (cygheap_pwdgrp::_nss_init): New method.
  (cygheap_domain_info::init): New method.
  (logon_sid): Define.
  (get_logon_sid): New function.
  (pwdgrp::add_account_post_fetch): New method.
  (pwdgrp::add_account_from_file): New methods.
  (pwdgrp::add_account_from_windows): New methods.
  (pwdgrp::check_file): New method.
  (pwdgrp::fetch_account_from_line): New method.
  (pwdgrp::fetch_account_from_file): New method.
  (pwdgrp::fetch_account_from_windows): New method.
* winsup.h: Move aforementioned macros and declarations to security.h.
Diffstat (limited to 'winsup/cygwin/pwdgrp.h')
-rw-r--r-- winsup/cygwin/pwdgrp.h 168
1 files changed, 133 insertions, 35 deletions
diff --git a/winsup/cygwin/pwdgrp.h b/winsup/cygwin/pwdgrp.h
index fe3c3f2a1..a93d2b979 100644
--- a/winsup/cygwin/pwdgrp.h
+++ b/winsup/cygwin/pwdgrp.h
@@ -1,6 +1,6 @@
/* pwdgrp.h
- Copyright 2001, 2002, 2003 Red Hat inc.
+ Copyright 2001, 2002, 2003, 2014 Red Hat inc.
Stuff common to pwd and grp handling.
@@ -10,42 +10,65 @@ This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */
+#pragma once
+
/* These functions are needed to allow searching and walking through
the passwd and group lists */
extern struct passwd *internal_getpwsid (cygpsid &);
-extern struct passwd *internal_getpwnam (const char *, bool = FALSE);
-extern struct passwd *internal_getpwuid (uid_t, bool = FALSE);
+extern struct passwd *internal_getpwnam (const char *);
+extern struct passwd *internal_getpwuid (uid_t);
extern struct group *internal_getgrsid (cygpsid &);
-extern struct group *internal_getgrgid (gid_t gid, bool = FALSE);
-extern struct group *internal_getgrnam (const char *, bool = FALSE);
-extern struct group *internal_getgrent (int);
+extern struct group *internal_getgrgid (gid_t);
+extern struct group *internal_getgrnam (const char *);
int internal_getgroups (int, gid_t *, cygpsid * = NULL);
#include "sync.h"
-#include "cygtls.h"
+
+enum fetch_user_arg_type_t {
+ SID_arg,
+ NAME_arg,
+ ID_arg
+};
+
+struct fetch_user_arg_t
+{
+ fetch_user_arg_type_t type;
+ union {
+ cygpsid *sid;
+ const char *name;
+ uint32_t id;
+ };
+ /* Only used in fetch_account_from_file/line. */
+ size_t len;
+};
+
+struct pg_pwd
+{
+ struct passwd p;
+ cygsid sid;
+};
+
+struct pg_grp
+{
+ struct group g;
+ cygsid sid;
+};
+
class pwdgrp
{
unsigned pwdgrp_buf_elem_size;
- union
- {
- passwd **passwd_buf;
- group **group_buf;
- void **pwdgrp_buf;
- };
- void (pwdgrp::*read) ();
+ void *pwdgrp_buf;
bool (pwdgrp::*parse) ();
- int etc_ix;
- UNICODE_STRING upath;
- PWCHAR path;
- char *buf, *lptr;
- int max_lines;
- bool initialized;
+ UNICODE_STRING path;
+ OBJECT_ATTRIBUTES attr;
+ LARGE_INTEGER last_modified;
+ char *lptr;
+ ULONG curr_lines;
+ ULONG max_lines;
static muto pglock;
bool parse_passwd ();
bool parse_group ();
- void read_passwd ();
- void read_group ();
char *add_line (char *);
char *raw_ptr () const {return lptr;}
char *next_str (char);
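Review bot: `struct fetch_user_arg_t` is a tagged union with no constructor, so nothing ties `type` to the member that is actually valid, and `len` is left indeterminate for every caller outside fetch_account_from_file/line. Consider documenting beside each enumerator which member it selects (SID_arg selects `sid`, NAME_arg selects `name`, ID_arg selects `id`) and zero-initialising the struct wherever it is built, so that a mismatched `type` cannot cause an id to be read as a pointer. In the same hunk `pwdgrp_buf` changes from a typed union to a bare `void *`; a short comment stating that it holds `pg_pwd` or `pg_grp` elements of `pwdgrp_buf_elem_size` bytes would keep the casts that depend on it reviewable.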
@@ -64,21 +87,96 @@ class pwdgrp
i = (int) x;
return res;
}
+ void *add_account_post_fetch (char *line);
+ void *add_account_from_file (cygpsid &sid);
+ void *add_account_from_file (const char *name);
+ void *add_account_from_file (uint32_t id);
+ void *add_account_from_windows (cygpsid &sid, bool group);
+ void *add_account_from_windows (const char *name, bool group);
+ void *add_account_from_windows (uint32_t id, bool group);
+ char *fetch_account_from_line (fetch_user_arg_t &arg, const char *line);
+ char *fetch_account_from_file (fetch_user_arg_t &arg);
+ char *fetch_account_from_windows (fetch_user_arg_t &arg, bool group);
+ pwdgrp *prep_tls_pwbuf ();
+ pwdgrp *prep_tls_grbuf ();
public:
- int curr_lines;
+ ULONG cached_users () const { return curr_lines; }
+ ULONG cached_groups () const { return curr_lines; }
+ bool check_file (bool group);
- void load (const wchar_t *);
- inline void refresh (bool check)
- {
- if (!check && initialized)
- return;
- if (pglock.acquire () == 1 &&
- (!initialized || (check && etc::file_changed (etc_ix))))
- (this->*read) ();
- pglock.release ();
- }
+ void init_pwd ();
+ pg_pwd *passwd () const { return (pg_pwd *) pwdgrp_buf; };
+ inline struct passwd *add_user_from_file (cygpsid &sid)
+ { return (struct passwd *) add_account_from_file (sid); }
+ struct passwd *add_user_from_file (const char *name)
+ { return (struct passwd *) add_account_from_file (name); }
+ struct passwd *add_user_from_file (uint32_t id)
+ { return (struct passwd *) add_account_from_file (id); }
+ struct passwd *add_user_from_windows (cygpsid &sid)
+ { return (struct passwd *) add_account_from_windows (sid, false); }
+ struct passwd *add_user_from_windows (const char *name)
+ { return (struct passwd *) add_account_from_windows (name, false); }
+ struct passwd *add_user_from_windows (uint32_t id)
+ { return (struct passwd *) add_account_from_windows (id, false); }
+ struct passwd *find_user (cygpsid &sid);
+ struct passwd *find_user (const char *name);
+ struct passwd *find_user (uid_t uid);
+
+ void init_grp ();
+ pg_grp *group () const { return (pg_grp *) pwdgrp_buf; };
+ struct group *add_group_from_file (cygpsid &sid)
+ { return (struct group *) add_account_from_file (sid); }
+ struct group *add_group_from_file (const char *name)
+ { return (struct group *) add_account_from_file (name); }
+ struct group *add_group_from_file (uint32_t id)
+ { return (struct group *) add_account_from_file (id); }
+ struct group *add_group_from_windows (cygpsid &sid)
+ { return (struct group *) add_account_from_windows (sid, true); }
+ struct group *add_group_from_windows (const char *name)
+ { return (struct group *) add_account_from_windows (name, true); }
+ struct group *add_group_from_windows (uint32_t id)
+ { return (struct group *) add_account_from_windows (id, true); }
+ struct group *find_group (cygpsid &sid);
+ struct group *find_group (const char *name);
+ struct group *find_group (gid_t gid);
+};
+
+class ugid_cache_t
+{
+ struct idmap {
+ uint32_t nfs_id;
+ uint32_t cyg_id;
+ };
+ class idmaps {
+ uint32_t _cnt;
+ uint32_t _max;
+ idmap *_map;
+ public:
+ idmaps () : _cnt (0), _max (0), _map (NULL) {}
+ uint32_t get (uint32_t id) const
+ {
+ for (uint32_t i = 0; i < _cnt; ++i)
+ if (_map[i].nfs_id == id)
+ return _map[i].cyg_id;
+ return (uint32_t) -1;
+ }
+ void add (uint32_t nfs_id, uint32_t cyg_id)
+ {
+ if (_cnt >= _max)
+ _map = (idmap *) realloc (_map, (_max += 10) * sizeof (*_map));
+ _map[_cnt].nfs_id = nfs_id;
+ _map[_cnt].cyg_id = cyg_id;
+ ++_cnt;
+ }
+ };
+ idmaps uids;
+ idmaps gids;
- pwdgrp (passwd *&pbuf);
- pwdgrp (group *&gbuf);
+public:
+ uid_t get_uid (uid_t uid) const { return uids.get (uid); }
+ gid_t get_gid (gid_t gid) const { return gids.get (gid); }
+ void add_uid (uid_t nfs_uid, uid_t cyg_uid) { uids.add (nfs_uid, cyg_uid); }
+ void add_gid (gid_t nfs_gid, gid_t cyg_gid) { gids.add (nfs_gid, cyg_gid); }
};
+extern ugid_cache_t ugid_cache;
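Review bot: In `idmaps::add` the `realloc` result is assigned straight back to `_map` and then used without a NULL check: `_map = (idmap *) realloc (_map, (_max += 10) * sizeof (*_map));`. If the allocation fails, the old array is leaked, `_max` has already grown, and the next line writes `_map[_cnt].nfs_id` through a null pointer; assign to a temporary, return on NULL, and only then update `_map` and `_max`. Separately, `get` returns `(uint32_t) -1` for "not found", so a cached mapping whose `cyg_id` equals that value cannot be told apart from a miss; a comment stating that the value is reserved would help callers of `get_uid` and `get_gid`. The accessors `passwd ()` and `group ()` also both cast the same `pwdgrp_buf`, with nothing in the class recording which of the two element types a given instance was initialised for; an assertion or a stored kind flag would catch a mismatched call.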